Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS is not enabled on the device by default. This results in cleartext transmission of sensitive information such as passwords.
References
Link | Resource |
---|---|
https://www.tenable.com/security/research/tra-2021-54 | Third Party Advisory |
https://www.tenable.com/security/research/tra-2021-54 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 05:46
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.tenable.com/security/research/tra-2021-54 - Third Party Advisory |
Information
Published : 2021-12-30 22:15
Updated : 2024-11-21 05:46
NVD link : CVE-2021-20154
Mitre link : CVE-2021-20154
CVE.ORG link : CVE-2021-20154
JSON object : View
Products Affected
trendnet
- tew-827dru
- tew-827dru_firmware
CWE
CWE-319
Cleartext Transmission of Sensitive Information